Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Another Dr. Watson's Postmortem Debugger problem

misszamal

Posted 29 April 2008 - 04:02 PM

misszamal

New Member

Member

6 posts

Hi, I'm trying to remove 'Dr. Watson's Postmortem Debugger' and have downloaded Hijack This and now have a Log File with no idea which items to delete/check etc. If you could help me out with how to remove the Dr. Watson's... etc that would saaaave my life.

Double click on ccsetupXXX_slim.exe to start the installation of CCleaner. (XXX is the version number)

Click OK

Click Next

Click I agree

Click Next

Click Install

Once the installation has finished, click Finish

-----------------------------------------------------------Set Options in CCleaner and run Cleaning Scan.Open CCleaner if it's not already running.( Do not use the Registry block to clean anything with this program. It is for experts only and it is risky).

Select Cleaner Settings.
Check Internet Explorer, Windows Explorer, and System so that all items are checked. In the Advanced section, have a check only on Old PreFetch Data.

Click on the Options block on the left. Select Advanced.Uncheck Only delete files in Windows Temp folders older than 48 hours.

Set Cookie Retention.
Click on the Options block on the left, then choose Cookies.
Under the Cookies to delete pane, highlight any cookies you would like to retain permanently (those companies or sites with which you regularly visit or do business), and click the right arrow > to move them to the Cookies to keep pane.

Run Cleaning Scan. Click on the Cleaner block on the left. Choose the Windows tab.
Click the Run Cleaner button. This process could take a while. When CCleaner shows how much has been removed, cleaning is finished.

-----------------------------------------------------------Retrieve the Installed Programs List from CCleanerOpen CCleaner if it's not already running.In the Left Pane, click ToolsVerify that Uninstall is highlighted in color, or click on it.In the lower Right, click Save to Text File.Pull down the arrow at the top of the Save dialog and choose Desktop as the location.You can leave the filename as install.txtClick SaveExit CCleaner by clicking on the X button in the upper right of the CCleaner window.-----------------------------------------------------------Post a New HiJackThis LogReboot your computer. Start HijackThisClick Do System Scan and Save a Log File. When the Scan is complete, select the whole log (Ctrl-A), copy and paste the log contents in a reply, along with the contents of CCleaner's install.txt

askey127

Posted 30 April 2008 - 11:02 AM

askey127

Malware Expert

Expert

93 posts

Wait for HiJackThis to finish the scan and pop up a Notepad session before you exit.Then please be sure to "select all" using Ctrl+A keys to highlight the entire HiJackThis log, then copy and paste the contents in a reply.This one got cut off.

askey127

Posted 30 April 2008 - 03:04 PM

askey127

Malware Expert

Expert

93 posts

misszamal,Open Notepad, paste the following code box contents into the text.

sc stop MCVSRte
sc config MCVSRte start= disabled
sc delete MCVSRte

Use Notepad's File, Save As to save it to your desktop as File type All Files (not as text file or it won't work), and save it as file name FixSvc.batExit Notepad and double click on FixSvc.batA Command window will flash on and off.-----------------------------------------------------------Peer to Peer File SharingPlease note that as long as you're using any form of Peer-to-Peer networking (utorrent, Azureus, Morpheus, Limewire, etc.) and downloading files from non-documented sources, you can expect infestations of malware to occur.

When you use Peer-to-peer (P2P) programs, you are downloading software from an UNKNOWN source directly onto your computer, bypassing your Firewall and Anti-Virus software. It's hardly surprising that many of the available downloads are being used by malware purveyors as a delivery method for their infections. Further, if your P2P program is not configured correctly you may be sharing more files than you realize. See here : http://www.infoworld...ID-theft_1.html

Even if you have one of the SAFE P2P programs, the practice of file-sharing is very UNSAFE for the health of your PC.You may decide to continue P2P sharing, but keep in mind that this practice may be the source of major PC infections. Better ask yourself if you and your system CD are REALLY ready to reformat your Hard Drive and Re-install Windows.

The risks of using P2P programs are described here in this Sourceforge webpage and in this Information Week article.Some malware help forums are now refusing to help those who show up with infections from P2P usage.

I think you should stop using and Uninstall Limewire , but it's your decision.. I have included Limewire in removals below. -----------------------------------------------------------Remove Program(s) with CCleanerOpen CCleaner. In the Left Pane, click Tools. Verify that Uninstall is highlighted in color, or click on it.Click and Highlight the Following Programs, one at a time, and click the Run Uninstaller button for each one. Wait for completion of each one before highlighting and Uninstalling the next.Adobe Reader 7.0.5LimeWire 4.14.12J2SE Runtime Environment 5.0 Update 1Online Video Add-on

Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into Keeping the program.-----------------------------------------------------------Download the latest version of Java Runtime Environment(JRE), and install it to your computer. It is the 5th one down on the page, called Java Runtime Environment (JRE) 6 Update 6Download it, choose save, and save it to your desktop.Then doubleclick it, and it will install the newest version of Java for you to use. -----------------------------------------------------------Click here to download the latest version of Adobe Acrobat Reader.Select your Windows version and click on Download. Save this file to your desktop and run it to install the latest version of Adobe Reader.[/list]If you prefer a simple reader, without plug-ins, that is smaller and faster, take a look at the free Foxit Reader here : http://www.foxitsoft...df/rd_intro.php-----------------------------------------------------------Post a New HiJackThis LogReboot your computer. Start HijackThis. Click Do System Scan and Save a Log File. When the Scan is complete, select the whole log (Ctrl-A), copy and paste the log contents in a reply.

askey127

Posted 02 May 2008 - 10:28 AM

Please download VundoFix.exe by Atribune from Atribune and save it to your desktop.

Double click VundoFix.exe to run it.

Click the Scan for Vundo button.

Once it's done scanning, click the Fix Vundo button.

You will receive a prompt asking if you want to remove the files, click YES

Once you click yes, your desktop will go blank as it starts removing Vundo.

When completed, it will prompt that it will reboot your computer, click OK.

Please post the contents of C:\vundofix.txt

Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.If VundoFix runs successfully and does not report any errors, you can ignore the rest of this post and just reply with the VundoFix log contents.

IN CASE YOU RECEIVE THIS ERROR - "Run-time error '339': Component 'comdlg32.ocx' or one its dependencies not correctly registered: a file is missing or invalid":Please download this file and save it to your desktop.

Right click on Comdlg32.zip and select Extract All....

Click Next on seeing the Welcome to the Compressed (zipped) Folders Extraction Wizard.

On the text box above the Browse button, copy and paste in C:\Windows\system32.

Click OK.

Uncheck (untick) the Show extracted files box and click Finish.

Click on Start > Run and copy and paste in the following into the Run box:

REGSVR32 C:\Windows\system32\comdlg32.ocx

Press Enter.

You should receive this message - "DllRegisterServer in C:\Windows\system32\comdlg32.ocx succeeded."

Posted 04 May 2008 - 05:51 PM

askey127

Posted 05 May 2008 - 04:13 AM

misszamal,Using Internet Explorer, Please Do an Online Scan with Kaspersky WebScanner.Go here to run an online scanner from Kaspersky.

Click on "Kaspersky Online Scanner"

A new smaller window will pop up. Press on "Accept". After reading the contents.

Now Kaspersky will update the anti-virus database. Let it run.

Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.

Then click on "My Computer", and the scan will start.

Once finished, save the log to your Desktop as filename KAV.txt

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.If the file KAV.txt appears to be too large to post (more than a couple hundred lines), let me know and I will give you instructions that will convert it to a smaller file.------------------------------------------------------Please download SmitFraudFix.exe by S!Ri and save it to the desktop.

Double click on SmitfraudFix.exe.

Press 1 then hit the Enter key.

It will create a report named rapport.txt, usually in the root of your C drive

Please copy/paste the content of that text file report (C:\rapport.txt) into your next reply.

So we are looking for the Kaspersky report and the contents of C:\rapport.txtaskey127